14 replies to this topic

[Beo]

I have compiled the ipt_LOG.ko for openpli. Now I want to put this line on /etc/syslog.conf:

kern.warning /var/log/iptables.log

But when I restart /etc/init/syslog

/etc/syslog.conf: 10: kern.warning: not found

Any idea ??

[Erik Slagter]

The syslog supplied with any enigma-based image is a very simple implementation by busybox, it's not the traditional bsd syslog, so creating the /etc/syslog file won't work anyway.

If you want to monitor iptables activities just type "dmesg" at regular intervals or log everything remotely (which the busybox syslog CAN do).

Also did you create a kernel with iptables enabled? The kernel in OpenPLi doesn't have iptables enabled.

[Beo]

The syslog supplied with any enigma-based image is a very simple implementation by busybox, it's not the traditional bsd syslog, so creating the /etc/syslog file won't work anyway.

If you want to monitor iptables activities just type "dmesg" at regular intervals or log everything remotely (which the busybox syslog CAN do).

Also did you create a kernel with iptables enabled? The kernel in OpenPLi doesn't have iptables enabled.

Using dmesg works ok, the log that I created in iptables appears on dmesg.

On the other hand the file /etc/syslog.conf have this options:

DESTINATION="buffer" # log destinations (buffer file remote)
MARKINT=20 # interval between --mark-- entries [min]
REDUCE=no # reduced-size logging
BUFFERSIZE=64 # buffer: size of circular buffer [kByte]
LOGFILE=/var/log/messages # file: where to log
ROTATESIZE=32 # file: rotate log if grown beyond X [kByte] (busybox 1.2+)
ROTATEGENS=1 # file: keep X generations of rotated logs (busybox 1.2+)
REMOTE=loghost:514 # remote: where to log
FOREGROUND=no # run in foreground (don't use!)

This are all options of the busybox-syslog ??

[pieterg]

busybox syslog works fine, with the default /etc/syslog.conf (or /etc/default/busybox-syslog for more recent images) using destination 'buffer' you can use 'logread -f' to monitor the log.
Or switch it to a file on the hdd if you prefer

[Beo]

busybox syslog works fine, with the default /etc/syslog.conf (or /etc/default/busybox-syslog for more recent images) using destination 'buffer' you can use 'logread -f' to monitor the log.
Or switch it to a file on the hdd if you prefer

Do you know how to store the log on a file on /media/hdd for example ??

[pieterg]

DESTINATION="file"
LOGFILE=/media/hdd/messages

[Beo]

I have now like this:

DESTINATION="file" # log destinations (buffer file remote)
MARKINT=20 # interval between --mark-- entries [min]
REDUCE=no # reduced-size logging
BUFFERSIZE=64 # buffer: size of circular buffer [kByte]
LOGFILE=/media/cf/messages # file: where to log
ROTATESIZE=32 # file: rotate log if grown beyond X [kByte] (busybox 1.2+)
ROTATEGENS=1 # file: keep X generations of rotated logs (busybox 1.2+)
REMOTE=loghost:514 # remote: where to log
FOREGROUND=no # run in foreground (don't use!)

But the /media/cf/messages doesn't created, I have restart the syslog daemon, I have restart the machine but nothing.

More ideas ?

[pieterg]

do the /etc/syslog.conf settings actually make it to the busybox-syslogd commandline?
(check with ps)
If they don't, check the initscript (something like /etc/init.d/busybox-syslog)

[Beo]

I'm trying to find something on the initscript /etc/syslog of yours Dreambox600 image. The daemon that runs with the system log is klogd (viewing with ps) but initscript apparently manage the 2 daemons syslogd and klogd.

Here the code:

#! /bin/sh
#
# syslog		init.d script for busybox syslogd/klogd
#			   Written by Robert Griebl <sandman@handhelds.org>
#			   Configuration file added by <bruno.randolf@4g-systems.biz>
set -e
 
if [ -f /etc/syslog.conf ]; then
		. /etc/syslog.conf
		LOG_LOCAL=0
		LOG_REMOTE=0
		for D in $DESTINATION; do
				if [ "$D" = "buffer" ]; then
						SYSLOG_ARGS="$SYSLOG_ARGS -C$BUFFERSIZE"
						LOG_LOCAL=1
				elif [ "$D" = "file" ]; then
						if [ -n "$LOGFILE" ]; then
								SYSLOG_ARGS="$SYSLOG_ARGS -O $LOGFILE"
						fi
						if [ -n "$ROTATESIZE" ]; then
								SYSLOG_ARGS="$SYSLOG_ARGS -s $ROTATESIZE"
						fi
						if [ -n "$ROTATEGENS" ]; then
								SYSLOG_ARGS="$SYSLOG_ARGS -b $ROTATEGENS"
						fi
						LOCAL=0
				elif [ "$D" = "remote" ]; then
						SYSLOG_ARGS="$SYSLOG_ARGS -R $REMOTE"
						LOG_REMOTE=1
				fi
		done
		if [ "$LOG_LOCAL" = "1" -a "$LOG_REMOTE" = "1" ]; then
				SYSLOG_ARGS="$SYSLOG_ARGS -L"
		fi
		if [ -n "$MARKINT" ]; then
				SYSLOG_ARGS="$SYSLOG_ARGS -m $MARKINT"
		fi
		if [ "$REDUCE" = "yes" ]; then
				SYSLOG_ARGS="$SYSLOG_ARGS -S"
		fi
else
		# default: log to 16K shm circular buffer
		SYSLOG_ARGS="-C"
fi
 
case "$1" in
  start)
		echo -n "Starting syslogd/klogd: "
		start-stop-daemon -S -b -n syslogd -a /sbin/syslogd -- -n $SYSLOG_ARGS
		start-stop-daemon -S -b -n klogd -a /sbin/klogd -- -n
		echo "done"
		;;
  stop)
		echo -n "Stopping syslogd/klogd: "
		start-stop-daemon -K -n syslogd
		start-stop-daemon -K -n klogd
		echo "done"
		;;
  restart)
		$0 stop
		$0 start
		;;
  *)
		echo "Usage: syslog { start | stop | restart }" >&2
		exit 1
		;;
esac
 
exit 0
 

root@dm600pvr /media/ba #ps -aux|grep log
  936 root		664 S   /sbin/klogd -n
  945 root		548 S   grep log

Edited by Beo, 10 January 2012 - 09:07.

[pieterg]

klogd delivers to syslogd. Both are needed.

[Beo]

I think the problem can be that klogd binary don't have all options available ? For example for write on a file, which is that I need

root@dm600pvr /sbin # klogd --help
BusyBox v1.01 (2011.08.16-22:45+0000) multi-call binary
Usage: klogd [-c n] [-n]
Kernel logger.
Options:
	    -c n    Sets the default log level of console messages to n.
	    -n	  Run as a foreground process.

When I restart /etc/init.d/syslog this is the output always (apparently syslogd is not working ? )

root@dm600pvr /sbin # /etc/init.d/syslog restart
Stopping syslogd/klogd: no syslogd found; none killed.
stopped klogd (pid 991).
done
Starting syslogd/klogd: done

[pieterg]

klogd does not write to a file.
You need busybox-syslogd
Just need to find out why it does not get the 'file' destination settings.

[Beo]

klogd does not write to a file.
You need busybox-syslogd
Just need to find out why it does not get the 'file' destination settings.

Yes but openpli for dream600 it uses klogd not syslogd, I ask in this forum, because you are the creator of this wonderful image for Dream600.
I noticed that the default values of /etc/syslog.conf for...

DESTINATION="buffer" # log destinations (buffer file remote)
MARKINT=20 # interval between --mark-- entries [min]
REDUCE=no # reduced-size logging
BUFFERSIZE=64 # buffer: size of circular buffer [kByte]
LOGFILE=/var/log/messages # file: where to log
ROTATESIZE=32 # file: rotate log if grown beyond X [kByte] (busybox 1.2+)
ROTATEGENS=1 # file: keep X generations of rotated logs (busybox 1.2+)
REMOTE=loghost:514 # remote: where to log
FOREGROUND=no # run in foreground (don't use!)

don't create the file /var/log/messages, I'm trying tu study the reason, but at the moment I don't know.

My best regards,

[hemispherical1]

Worked fine on a 500+ image. Normally I use remote logging. I just switched "remote" to "file" in syslog.conf and ran /etc/init.d/syslog restart at which point the messages log file appeared under /var/log. Did you make any other changes? Are both syslogd & klogd actually running?

1070 root 676 S /sbin/syslogd -n -O /var/log/messages -m 60
1072 root 664 S /sbin/klogd -n

--
hemi

[Beo]

Worked fine on a 500+ image. Normally I use remote logging. I just switched "remote" to "file" in syslog.conf and ran /etc/init.d/syslog restart at which point the messages log file appeared under /var/log. Did you make any other changes? Are both syslogd & klogd actually running?

1070 root 676 S /sbin/syslogd -n -O /var/log/messages -m 60
1072 root 664 S /sbin/klogd -n

--
hemi

The other day I haven't syslogd started, now I have but the /var/log/messages don't created

26044 root 676 S /sbin/syslogd -n -C64 -m 20
26046 root 664 S /sbin/klogd -n